Getting /var/lightsquid/report errors? Here's a Possible Solution!

pfSense Packages
Log in to reply
  • A

    Hi all,

    I've been getting the following error from LightSquid on a few of my pfSense 2.0 firewalls, and I've been pounding my head against a wall trying to figure out why for the last few hours… I finally have an answer, and since I just lost two hours of my life, I figured I'd try to save some of you the same heartache...

    Symptom: LightSquid installs fine on pfSense. You follow the directions and configure squid to put the access.log file in /var/squid/log instead of the default location /var/squid/logs. Without a care in the world you drunkenly skip over to Status -> Proxy Report and click Refresh Now or Refresh Full. Then you go to the LightSquid Report tab to be rudely sobered up by the following screen:

    LightSquid diagnostic.
    Error : report folder '/var/lightsquid/report' not contain any valid data! Please run lightparser.pl (and check 'report' folder content)
    Please check config file !
    Variable   value
    $tplpatph   /usr/local/www/lightsquid/tpl
    $templatename   base
    $langpatph   /usr/local/share/lightsquid/lang
    $langname   eng
    $reportpath   /var/lightsquid/report
    Access to '/var/lightsquid/report' folder   yes
    $graphreport   1
    folder content:

    You think "what? this can't be right?!"

    • You go click Refresh Full about a billion more times with the same result.

    • You google it and find people suggesting that your perl dependency didn't install right, and so you uninstall and reinstall LightSquid about 10 times. Same result.

    • Perhaps you SSH in and at a shell prompt, you find and run lightparser.pl manually, which runs without error.

    • There are no system logs indicating that anything is wrong.

    • If you're like me and you're really stubborn, you go to another pfSense machine, copy a report directory from /var/lightsquid/report, tar it up, and scp it over to the non-working box, at which point you discover that lightsquid will show this data.

    Does any of this sound familiar? Here's the real cause.

    Your /var/squid/log/access.log file is empty. 0 bytes. If you have had this happening for awhile, you'll notice that Squid is rotating the log files, and all of those files are 0 bytes as well.

    In my case it happened because I have my squid configuration customized to gather ident lookups so I get real usernames. See this article. As a result I had to turn off the transparent proxy setting and then define it manually in the NAT rules. I was in a hurry when I did so, and I defined the rule as:

    • Interface: LAN

    • Protocol: TCP

    • Source IP: LAN Net

    • Destination IP: Firewall

    • Destination Port: 80

    • Redirect To: LAN Address

    … when it should have been:

    • Interface: LAN

    • Protocol: TCP

    • Source IP: LAN Net

    • Destination IP: ANY

    • Destination Port: 80

    • Redirect To: LAN Address

    Since no one navigates to the firewall's HTTP port, the rule (first list above) never applied.
    Once I fixed it (second list above), I'm now seeing oodles of LightSquid reports.

    Hope this helps someone. Please let me know if it helps you. :-)

    0
  • I

    Hello,

    I found that actually going and changing the location of the log in the squid and then changing back, normaly resolves the issue. ;) do restart the service between changes ;)

    hope this is useful :)

    0

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive to sign up for future newsletters and to read past announcements.

© 2020 Rubicon Communications, LLC | Privacy Policy